PT-2012-6328 · Pcp+1 · Performance Co-Pilot+1

Florian Weimer

Publicado

1970-01-01

Atualizado

2013-02-07

CVE-2012-3419

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Performance Co-Pilot (PCP) versions prior to 3.6.5

Description The issue allows attackers to obtain sensitive information, such as proc/pid/maps and command line arguments, by exploiting vulnerabilities in the affected software. Exploitation of these vulnerabilities can be done remotely, potentially leading to a disruption in the availability of protected information.

Recommendations For Performance Co-Pilot (PCP) versions prior to 3.6.5, update to version 3.6.5 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive information and limiting remote exploitation capabilities until a patch is applied.

Correção

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-189

Identificadores relacionados

BDU:2015-03711

BDU:2015-04394

BDU:2015-04395

BDU:2015-04396

BDU:2015-04397

BDU:2015-04398

BDU:2015-04399

BDU:2015-04400

BDU:2015-04401

CVE-2012-3419

DSA-2533-1

OPENSUSE-SU-2024:10165-1

Produtos afetados

Performance Co-Pilot

Suse

PT-2012-6328 · Pcp+1 · Performance Co-Pilot+1

CVE-2012-3419

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 31